.:[ packet storm ]:.
                               
plan for the worst
plan for the worst

 Section:  .. / groups / shadowpenguin / unix-exploits  /

Page 1 of 1
<< 1 >> Files 1 - 14 of 14
Currently sorted by: Last ModifiedSort By: File Name, File Size

 ///  File Name: ex_inc.c
Description:
 ex_inc.c exploits a bounds checking error in /usr/jp/bin/mh/inc which was distributed with the mh-6.8.3 package. Local root compromise.
Author:UNYUN
Homepage:http://shadowpenguin.backsection.net
File Size:1621
Last Modified:Nov 25 04:05:08 1999
MD5 Checksum:72428b901f7f45c05e3c1b5048f8275e

 ///  File Name: ex_mailtool.c
Description:
 The mailer programs (mailtool and dtmail) and mail message print filter (dtmailpr) which are installed on Solaris7 have exploitable buffer overflow bugs. These programs are sgid (mail group) programs, local user can obtain mail group. The mail files are generated with 660 permission, so any user can read/write other user's mail files. I coded the exploits to get mail gid(egid=6). There are for Intel Solaris7. There are same kind of problems on Sparc Solaris7 and Solaris2.6 (Intel,Sparc).
Author:UNYUN
Homepage:http://shadowpenguin.backsection.net
File Size:6306
Last Modified:Nov 25 04:00:00 1999
MD5 Checksum:68399227ff709fd06cd83d967dcf842a

 ///  File Name: ex_kcms_configuresp.c
Description:
 The vulnerability in kcms_configure also exists in Solaris 2.6 and 2.7 sparc edition. Exploit included.
Author:UNYUN
Homepage:http://shadowpenguin.backsection.net
File Size:1967
Last Modified:Nov 25 04:00:00 1999
MD5 Checksum:e2e854ae8bed8bd41d390b8b8c6423e1

 ///  File Name: ex_kcms_configure86.c
Description:
 kcms_configure has a overflow bug with "-P" option and it has been reported(107339-01). But this program has another hole. This hole has not been not reported, and the paches are not published at this time. kcms_configure overflows if long string is specified in NETPATH environment, and it is exploitable. I have included an exploit for Solaris7 intel edition to obtain root privilege.
Author:UNYUN
Homepage:http://shadowpenguin.backsection.net
File Size:2468
Last Modified:Nov 25 04:00:00 1999
MD5 Checksum:96891067efbb4ca666ca294943ae33b0

 ///  File Name: ex_bbc.c
Description:
 ex_bbc.c exploits a bounds checking error in /usr/jp/bin/mh/bbc which was distributed with the mh-6.8.3 package. Local root compromise.
Author:UNYUN
Homepage:http://shadowpenguin.backsection.net
File Size:1957
Last Modified:Nov 25 04:00:00 1999
MD5 Checksum:a5b2d66a75247c7d8c9cb5c5bceb2ce4

 ///  File Name: ex_uum.c
Description:
 Local root exploit code for buffer overflow in uum for Japanese Linux.
File Size:1571
Last Modified:Nov 5 23:24:09 1999
MD5 Checksum:863a7d14785073101a7d49dd62001678

 ///  File Name: ex_sdtcm_convert86.c
Description:
 Local root exploit for buffer overflow condition in sdtcm_convert, for Solaris x86 machines.
File Size:2445
Last Modified:Nov 5 23:24:09 1999
MD5 Checksum:d955ef3f946bcdff24e790deb5daf06a

 ///  File Name: ex_sdtcm_convert.c
Description:
 Local root exploit for buffer overflow condition in sdtcm_convert, for Solaris Sparc machines.
File Size:2078
Last Modified:Nov 5 23:24:09 1999
MD5 Checksum:87ad1fbf6788465fdf86d444b37bf205

 ///  File Name: ex_lpset86.c
Description:
 Local root exploit code for buffer overflow in lpset, for Solaris x86 machines.
File Size:1898
Last Modified:Nov 5 23:24:09 1999
MD5 Checksum:6e8bfc6d259a59ff3711b02364fcc462

 ///  File Name: ex_libc.c
Description:
 Exploit code for Solaris 2.6, 2.7 (sparc) libc/LC_MESSAGES buffer overflow that results in root compromise.
File Size:1815
Last Modified:Nov 5 23:24:09 1999
MD5 Checksum:e1ab7379ca0d6ddacf82ca872b94caa4

 ///  File Name: ex_dtprintinfosp.c
Description:
 WSparc port of the exploit code for the dtprintinfo stack buffer overflow present in Solaris 2.6 and 2.7 for Sparc. Local root compromise.
File Size:1931
Last Modified:Nov 5 23:24:09 1999
MD5 Checksum:cfa8cae28e3e09052552a8d7b722bdeb

 ///  File Name: ex_dtprintinfo86.c
Description:
 x_dtprintinfo.c exploits a stack buffer overflow present in x86 versions of Solaris 2.6 and 2.7. Local root compromise.
File Size:1970
Last Modified:Nov 5 23:24:09 1999
MD5 Checksum:cf98cb6e1da14dd39031c8201e2dc582

 ///  File Name: ex_canuum.c
Description:
 Local root exploit code for buffer overflow in canuum for Japanese Linux.
File Size:1795
Last Modified:Nov 5 23:24:09 1999
MD5 Checksum:08d584cfaedebba6322e15ff0bc6ae6e

 ///  File Name: ex_admintool.c
Description:
 Admintool local root exploit for Solaris2.6/7 Sparc machines.
File Size:3029
Last Modified:Nov 5 23:24:09 1999
MD5 Checksum:68f7d2c4497e4f6766f8db1c517c1ac3
 

 ///  Last 10 Files
  1. :· MDVSA-2008-235.txt
  2. :· cambridge-sql.txt
  3. :· verlihub-exec.txt
  4. :· DDIVRT-2008-15.txt
  5. :· openssh-cbc-adv.txt
  6. :· joomlathyme-sql.txt
  7. :· BitDefenderDOS.zip
  8. :· fwknop-1.9.9.tar.gz
  9. :· kvirc-exec.txt
  10. :· vcalendar-disclose.txt
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Advisories
  1. :· MDVSA-2008-235.txt
  2. :· DDIVRT-2008-15.txt
  3. :· openssh-cbc-adv.txt
  4. :· ZDI-08-076.txt
  5. :· ZDI-08-075.txt
  6. :· MDVSA-2008-233.txt
  7. :· SSRT080059.txt
  8. :· MDVSA-2008-220-1.txt
  9. :· MDVSA-2008-232.txt
  10. :· USN-674-1.txt
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Exploits
  1. :· cambridge-sql.txt
  2. :· verlihub-exec.txt
  3. :· joomlathyme-sql.txt
  4. :· BitDefenderDOS.zip
  5. :· kvirc-exec.txt
  6. :· vcalendar-disclose.txt
  7. :· toursmanager-blindsql.txt
  8. :· phprsgal-sql.txt
  9. :· natterchat-sql.txt
  10. :· php526-bypass.txt
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Tools
  1. :· fwknop-1.9.9.tar.gz
  2. :· pysumpas-0.2.0.tar.gz
  3. :· framework-3.2.tar.gz
  4. :· tor.uclibc.i686.20081115.iso
  5. :· RFIDIOt-Windows-0.1u.zip
  6. :· RFIDIOt-0.1u.tgz
  7. :· dps-v1.5.tar.gz
  8. :· smbrelay3.zip
  9. :· mptrey.tar.gz
  10. :· dotnetsploitsrc-1.0.zip
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Misc
  1. :· java2-malware.pdf
  2. :· return-to-libc-linux.txt
  3. :· stack-overflow-linux.txt
  4. :· smallest_setuid_execve_sc.c
  5. :· sudoers-shellcode.txt
  6. :· strongswan-4.2.9.tar.gz
  7. :· hodetector-shellcode.txt
  8. :· rtm-essential5.pdf
  9. :· unixasm-1.3.0.tar.gz
  10. :· bnd-networks.pdf
[ Last 20 | Last 50 | Last 100 ]


 .:. TopPrivacy Statement | Copyright Notice